Trusted Design

Android banking trojan as Flash Player and bypasses 2FA

概要

Active users of mobile banking apps should be aware of a new Android banking trojan campaign targeting customers of large banks in Australia, New Zealand and Turkey. The banking malware, detected by ESET security products as Android/Spy.Agent.SI, can steal login credentials from 20 mobile banking apps.The list of target banks includes the largest banks in each of the three target countries (A full list can be found in the final section of this article). Thanks to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Android banking malware masquerades as Flash Player (score: 0.91)
Banking Trojan infected dozens of Android apps worldwide (score: 0.81)
Trojan-Banker.AndroidOS.Faketoken follow-up (score: 0.80)
Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide (score: 0.79)
A Look Into The New Strain Of BankBot (score: 0.79)

このPulseに関連する脅威アクター (事実ベース)

FIN7

Score: 13.31

Matched TTPs:

T1011.001 - Exfiltration Over Bluetooth
T1105 - Ingress Tool Transfer
T1055.015 - ListPlanting
T1490 - Inhibit System Recovery

MITREへのリンク →

Contagious Interview

Score: 14.12

Matched TTPs:

T1552.003 - Shell History
T1059.006 - Python
T1651 - Cloud Administration Command
T1547.008 - LSASS Driver

MITREへのリンク →

Kimsuky

Score: 20.69

Matched TTPs:

T1552.003 - Shell History
T1001 - Data Obfuscation
T1027.014 - Polymorphic Code
T1132.002 - Non-Standard Encoding
T1526 - Cloud Service Discovery
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN13

Score: 12.07

Matched TTPs:

T1552.003 - Shell History
T1105 - Ingress Tool Transfer
T1548.006 - TCC Manipulation
T1686.001 - Cloud Firewall

MITREへのリンク →

Storm-0501

Score: 5.27

Matched TTPs:

T1552.003 - Shell History
T1027.014 - Polymorphic Code

MITREへのリンク →

Scattered Spider

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1548.006 - TCC Manipulation

MITREへのリンク →

Medusa Group

Score: 4.86

Matched TTPs:

T1552.003 - Shell History
T1548.006 - TCC Manipulation

MITREへのリンク →

Play

Score: 5.19

Matched TTPs:

T1552.003 - Shell History
T1490 - Inhibit System Recovery

MITREへのリンク →

UNC3886

Score: 6.59

Matched TTPs:

T1059.004 - Unix Shell
T1055.015 - ListPlanting

MITREへのリンク →

Patchwork

Score: 9.14

Matched TTPs:

T1059.004 - Unix Shell
T1001 - Data Obfuscation
T1665 - Hide Infrastructure

MITREへのリンク →

Deep Panda

Score: 5.90

Matched TTPs:

T1059.004 - Unix Shell
T1027.014 - Polymorphic Code

MITREへのリンク →

GALLIUM

Score: 3.15

Matched TTPs:

T1059.004 - Unix Shell

MITREへのリンク →

OilRig

Score: 15.89

Matched TTPs:

T1059.004 - Unix Shell
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery
T1055.015 - ListPlanting
T1547.008 - LSASS Driver

MITREへのリンク →

Turla

Score: 9.44

Matched TTPs:

T1059.004 - Unix Shell
T1556.009 - Conditional Access Policies
T1490 - Inhibit System Recovery

MITREへのリンク →

APT3

Score: 3.15

Matched TTPs:

T1059.004 - Unix Shell

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

Threat Group-3390

Score: 6.30

Matched TTPs:

T1001 - Data Obfuscation
T1526 - Cloud Service Discovery

MITREへのリンク →

BlackByte

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

TA2541

Score: 3.15

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

menuPass

Score: 5.49

Matched TTPs:

T1001 - Data Obfuscation
T1548.006 - TCC Manipulation

MITREへのリンク →

Leviathan

Score: 6.19

Matched TTPs:

T1027.014 - Polymorphic Code
T1592.003 - Firmware

MITREへのリンク →

APT32

Score: 8.08

Matched TTPs:

T1027.014 - Polymorphic Code
T1105 - Ingress Tool Transfer
T1490 - Inhibit System Recovery

MITREへのリンク →

APT28

Score: 16.71

Matched TTPs:

T1592.003 - Firmware
T1105 - Ingress Tool Transfer
T1548.006 - TCC Manipulation
T1055.008 - Ptrace System Calls
T1566.003 - Spearphishing via Service

MITREへのリンク →

Magic Hound

Score: 5.96

Matched TTPs:

T1592.003 - Firmware
T1547.008 - LSASS Driver

MITREへのリンク →

LAPSUS$

Score: 9.40

Matched TTPs:

T1592.003 - Firmware
T1132.002 - Non-Standard Encoding
T1548.006 - TCC Manipulation

MITREへのリンク →

Chimera

Score: 12.23

Matched TTPs:

T1592.003 - Firmware
T1132.002 - Non-Standard Encoding
T1548.006 - TCC Manipulation
T1665 - Hide Infrastructure

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Wizard Spider

Score: 9.11

Matched TTPs:

T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery
T1548.006 - TCC Manipulation

MITREへのリンク →

APT42

Score: 3.62

Matched TTPs:

T1132.002 - Non-Standard Encoding

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

BlackTech

Score: 3.15

Matched TTPs:

T1526 - Cloud Service Discovery

MITREへのリンク →

FIN8

Score: 3.15

Matched TTPs:

T1526 - Cloud Service Discovery

MITREへのリンク →

Mustang Panda

Score: 12.29

Matched TTPs:

T1526 - Cloud Service Discovery
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer
T1548.006 - TCC Manipulation

MITREへのリンク →

Lazarus Group

Score: 15.59

Matched TTPs:

T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer
T1055.015 - ListPlanting
T1665 - Hide Infrastructure
T1547.008 - LSASS Driver

MITREへのリンク →

Tropic Trooper

Score: 8.17

Matched TTPs:

T1105 - Ingress Tool Transfer
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

HAFNIUM

Score: 11.81

Matched TTPs:

T1105 - Ingress Tool Transfer
T1548.006 - TCC Manipulation
T1055.008 - Ptrace System Calls
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN6

Score: 4.86

Matched TTPs:

T1548.006 - TCC Manipulation
T1547.008 - LSASS Driver

MITREへのリンク →

Volt Typhoon

Score: 5.17

Matched TTPs:

T1548.006 - TCC Manipulation
T1665 - Hide Infrastructure

MITREへのリンク →

APT41

Score: 5.78

Matched TTPs:

T1548.006 - TCC Manipulation
T1055.015 - ListPlanting

MITREへのリンク →

ToddyCat

Score: 5.36

Matched TTPs:

T1665 - Hide Infrastructure
T1547.008 - LSASS Driver

MITREへのリンク →

APT29

Score: 5.19

Matched TTPs:

T1547.008 - LSASS Driver
T1490 - Inhibit System Recovery

MITREへのリンク →

Velvet Ant

Score: 6.80

Matched TTPs:

T1490 - Inhibit System Recovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.76

Matched TTPs:

T1526 - Cloud Service Discovery
T1027.014 - Polymorphic Code
T1490 - Inhibit System Recovery
T1552.003 - Shell History
T1001 - Data Obfuscation
T1665 - Hide Infrastructure
T1132.002 - Non-Standard Encoding

MITREへのリンク →

APT28

Score: 0.66

Matched TTPs:

T1566.003 - Spearphishing via Service
T1548.006 - TCC Manipulation
T1105 - Ingress Tool Transfer
T1055.008 - Ptrace System Calls
T1592.003 - Firmware

MITREへのリンク →

OilRig

Score: 0.61

Matched TTPs:

T1526 - Cloud Service Discovery
T1059.004 - Unix Shell
T1556.009 - Conditional Access Policies
T1547.008 - LSASS Driver
T1055.015 - ListPlanting

MITREへのリンク →

FIN7

Score: 0.61

Matched TTPs:

T1105 - Ingress Tool Transfer
T1011.001 - Exfiltration Over Bluetooth
T1055.015 - ListPlanting
T1490 - Inhibit System Recovery

MITREへのリンク →

Lazarus Group

Score: 0.60

Matched TTPs:

T1105 - Ingress Tool Transfer
T1547.008 - LSASS Driver
T1055.005 - Thread Local Storage
T1055.015 - ListPlanting
T1665 - Hide Infrastructure

MITREへのリンク →

Contagious Interview

Score: 0.55

Matched TTPs:

T1547.008 - LSASS Driver
T1651 - Cloud Administration Command
T1059.006 - Python
T1552.003 - Shell History

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る